From c2e7e3c777c9ff74acfad8af794a88089a55b9f3 Mon Sep 17 00:00:00 2001 From: alcampag Date: Thu, 16 Oct 2025 10:33:33 +0200 Subject: [PATCH] Added global tolerations for logan and mgmnt-agent --- charts/logan/README.md | 73 ++++++++++++++++--- charts/logan/templates/discovery-cronjob.yaml | 6 +- charts/logan/templates/fluentd-daemonset.yaml | 3 + .../logan/templates/tcpconnect-daemonset.yaml | 5 +- charts/logan/values.schema.json | 27 +++++++ charts/logan/values.yaml | 9 +++ charts/mgmt-agent/README.md | 50 +++++++------ .../templates/mgmt-agent-daemonset.yaml | 4 + charts/mgmt-agent/values.schema.json | 31 +++++++- charts/mgmt-agent/values.yaml | 9 +++ 10 files changed, 178 insertions(+), 39 deletions(-) diff --git a/charts/logan/README.md b/charts/logan/README.md index 27cfc31..1f59b61 100644 --- a/charts/logan/README.md +++ b/charts/logan/README.md @@ -1,6 +1,6 @@ # oci-onm-logan -![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.0.0](https://img.shields.io/badge/AppVersion-3.0.0-informational?style=flat-square) +![Version: 4.0.2](https://img.shields.io/badge/Version-4.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.0.0](https://img.shields.io/badge/AppVersion-3.0.0-informational?style=flat-square) Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Objects information to OCI Log Analytics. 
@@ -8,21 +8,30 @@ Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Object | Repository | Name | Version | |------------|------|---------| -| file://../common | oci-onm-common | 3.0.0 | +| file://../common | oci-onm-common | 3.1.0 | ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | authtype | string | `"InstancePrincipal"` | Allowed values: InstancePrincipal, config | -| extraEnv | list | `[]` | Use this to tag all the collected logs with one or more key:value pairs. Key must be a valid field in Log Analytics metadata: "Client Host Region": "PCT" "Environment": "Production" "Third key": "Third Value" @param extra environment variables. Example name: ENV_VARIABLE_NAME value: ENV_VARIABLE_VALUE | +| enableEKSControlPlaneLogs | bool | `false` | Enables collection of AWS EKS Control Plane logs through CloudWatch or S3 Fluentd plugin | +| enableTCPConnectLogs | bool | `true` | Enables the collection of TCP connect logs. Default: true Note: Disabling this will prevent automatic discovery of workload-to-workload communication within the cluster. | +| extraEnv | list | `[]` | | | extraVolumeMounts | list | `[]` | @param extraVolumeMounts Mount extra volume(s). Example: - name: tmpDir mountPath: /tmp | | extraVolumes | list | `[]` | @param extraVolumes Extra volumes. Example: - name: tmpDir hostPath: path: /tmp log | | fluentd.baseDir | string | `"/var/log"` | Base directory on the node (with read write permission) for storing fluentd plugins related data. | -| fluentd.customFluentdConf | string | `""` | | -| fluentd.customLogs | string | `nil` | Configuration for any custom logs which are not part of the default configuration defined in this file. All the pod/container logs will be collected as per "genericContainerLogs" section. Use this section to create a custom configuration for any of the container logs. 
Also, you can use this section to define configuration for any other log path existing on a Kubernetes worker node custom-id1: path: /var/log/containers/custom*.log Log Analytics log source to use for parsing and processing the logs: ociLALogSourceName: "Custom1 Logs" The regular expression pattern for the starting line in case of multi-line logs. multilineStartRegExp: Set isContainerLog to false if the log is not a container log (/var/log/containers/*.log). Default value is true. isContainerLog: true | +| fluentd.customFluentdConf | string | `""` | To set timezone override for "custom-id1" (applies only to log records without explicit timezone identifier in the record itself) timezone: custom-id2: path: /var/log/custom/*.log Log Analytics log source to use for parsing and processing the logs: ociLALogSourceName: "Custom2 Logs" The regular expression pattern for the starting line in case of multi-line logs. multilineStartRegExp: Set isContainerLog to false if the log is not a container log (/var/log/containers/*.log). Default value is true. isContainerLog: false -- Alternative approach to define the configuration for any custom logs which are not part of the default configuration defined in this file. Provide the Fluentd configuration with the source and filter sections for your custom logs in this section. Exclude the match section. It would be used without any modification. Notes: Ensure that @id in the source section is unique and does not collide with any default configuration defined in this file Tag must start with "oci." and must be unique. In case of container log (/var/log/containers/*.log), exclude the corresponding log path in "genericContainerLogs" section. | +| fluentd.customLogs | string | `nil` | Configuration for any custom logs which are not part of the default configuration defined in this file. All the pod/container logs will be collected as per "genericContainerLogs" section. 
Use this section to create a custom configuration for any of the container logs. Also, you can use this section to define configuration for any other log path existing on a Kubernetes worker node | +| fluentd.eksControlPlane.awsStsRoleArn | string | `nil` | | +| fluentd.eksControlPlane.awsUseSts | bool | `true` | | +| fluentd.eksControlPlane.collectionType | string | `"cloudwatch"` | | +| fluentd.eksControlPlane.logs | object | `{"apiserver":{"cwLogStreamName":"kube-apiserver","multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","objectKey":".*?kube-apiserver/","ociLALogSourceName":"Kubernetes API Server Logs","sqsQueue":"apiserver"},"audit":{"objectKey":".*?kube-apiserver-audit","ociLALogSourceName":"Kubernetes Audit Logs","sqsQueue":"audit"},"authenticator":{"cwLogStreamName":"authenticator","multilineStartRegExp":"/^time=/","objectKey":".*?authenticator","ociLALogSourceName":"AWS EKS Authenticator Logs","sqsQueue":"authenticator"},"cloudcontrollermanager":{"cwLogStreamName":"cloud-controller-manager","multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","objectKey":".*?cloud-controller-manager","ociLALogSourceName":"Cloud Controller Manager Logs","sqsQueue":"cloud-controller-manager"},"kubecontrollermanager":{"cwLogStreamName":"kube-controller-manager","multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","objectKey":".*?kube-controller-manager","ociLALogSourceName":"Kubernetes Controller Manager Logs","sqsQueue":"kube-controller-manager"},"scheduler":{"cwLogStreamName":"kube-scheduler","multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","objectKey":".*?kube-scheduler","ociLALogSourceName":"Kubernetes Scheduler Logs","sqsQueue":"scheduler"}}` | To set timezone override for all eksControlPlane logs (applies only to log records without explicit timezone identifier in the record itself) timezone: | +| fluentd.eksControlPlane.ociLALogGroupID | string | 
`nil` | | +| fluentd.eksControlPlane.region | string | `nil` | | +| fluentd.eksControlPlane.s3Bucket | string | `nil` | | | fluentd.file | string | `"fluent.conf"` | Fluentd config file name | -| fluentd.genericContainerLogs.exclude_path | list | `["\"/var/log/containers/kube-proxy-*.log\"","\"/var/log/containers/kube-flannel-*.log\"","\"/var/log/containers/kube-dns-autoscaler-*.log\"","\"/var/log/containers/coredns-*.log\"","\"/var/log/containers/csi-oci-node-*.log\"","\"/var/log/containers/proxymux-client-*.log\"","\"/var/log/containers/cluster-autoscaler-*.log\""]` | List of log paths to exclude that are already part of other specific configurations defined (like Kube Proxy, Kube Flannel) If you want to create a custom configuration for any of the container logs using the customLogs section, then exclude the corresponding log path here. | +| fluentd.genericContainerLogs.exclude_path | list | `["\"/var/log/containers/kube-proxy-*.log\"","\"/var/log/containers/kube-flannel-*.log\"","\"/var/log/containers/kube-dns-autoscaler-*.log\"","\"/var/log/containers/coredns-*.log\"","\"/var/log/containers/csi-oci-node-*.log\"","\"/var/log/containers/proxymux-client-*.log\"","\"/var/log/containers/cluster-autoscaler-*.log\"","\"/var/log/containers/ebs-csi-node-*.log\"","\"/var/log/containers/ebs-csi-controller-*.log\"","\"/var/log/containers/kube-apiserver-*.log\"","\"/var/log/containers/etcd-*.log\"","\"/var/log/containers/kube-controller-manager-*.log\"","\"/var/log/containers/kube-scheduler-*.log\"","\"/var/log/containers/*-logan-tcpconnect-*.log\""]` | List of log paths to exclude that are already part of other specific configurations defined (like Kube Proxy, Kube Flannel) If you want to create a custom configuration for any of the container logs using the customLogs section, then exclude the corresponding log path here. 
| | fluentd.genericContainerLogs.ociLALogSourceName | string | `"Kubernetes Container Generic Logs"` | Default Log Analytics log source to use for parsing and processing the logs: Kubernetes Container Generic Logs. | | fluentd.genericContainerLogs.path | string | `"/var/log/containers/*.log"` | | | fluentd.kubernetesMetadataFilter.ca_file | string | `nil` | Path to CA file for Kubernetes server certificate validation | 
@@ -33,14 +42,16 @@ Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Object | fluentd.kubernetesMetadataFilter.skip_namespace_metadata | bool | `false` | Skip the namespace_id field from the metadata. The fetch_namespace_metadata function will be skipped. The plugin will be faster and cpu consumption will be less. | | fluentd.kubernetesMetadataFilter.verify_ssl | bool | `true` | Validate SSL certificates | | fluentd.kubernetesMetadataFilter.watch | bool | `true` | Set up a watch on the pods on the API server for updates to metadata. By default, true. | -| fluentd.kubernetesObjects | object | `{"objectsList":{"cron_jobs":{"api_endpoint":"apis/batch"},"daemon_sets":{"api_endpoint":"apis/apps"},"deployments":{"api_endpoint":"apis/apps"},"events":{"api_endpoint":""},"jobs":{"api_endpoint":"apis/batch"},"namespaces":{"api_endpoint":""},"nodes":{"api_endpoint":""},"pods":{"api_endpoint":""},"replica_sets":{"api_endpoint":"apis/apps"},"stateful_sets":{"api_endpoint":"apis/apps"}}}` | Configuration for collecting Kubernetes Object information. 
Supported objects are Node, Pod, Namespace, Event, DaemonSet, ReplicaSet, Deployment, StatefulSet, Job, CronJob | +| fluentd.kubernetesSystem.logs | object | `{"cluster-autoscaler":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Autoscaler Logs","path":"/var/log/containers/cluster-autoscaler-*.log"},"coredns":{"multilineStartRegExp":"/^\\[[^\\]]+\\]\\s+/","ociLALogSourceName":"Kubernetes Core DNS Logs","path":"/var/log/containers/coredns-*.log"},"csi-controller":{"ociLALogSourceName":"Kubernetes CSI Controller Logs","path":"/var/log/containers/ebs-csi-controller-*.log"},"csinode":{"ociLALogSourceName":"Kubernetes CSI Node Driver Logs","path":"/var/log/containers/csi-oci-node-*.log,/var/log/containers/ebs-csi-node-*.log"},"etcd":{"ociLALogSourceName":"Kubernetes etcd Logs","path":"/var/log/containers/etcd-*.log"},"kube-apiserver":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes API Server Logs","path":"/var/log/containers/kube-apiserver-*.log"},"kube-audit":{"ociLALogSourceName":"Kubernetes Audit Logs","path":"/var/log/kubernetes/audit/audit*"},"kube-controller-manager":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Controller Manager Logs","path":"/var/log/containers/kube-controller-manager-*.log"},"kube-dns-autoscaler":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes DNS Autoscaler Logs","path":"/var/log/containers/kube-dns-autoscaler-*.log"},"kube-flannel":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Flannel Logs","path":"/var/log/containers/kube-flannel-*.log"},"kube-proxy":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Proxy 
Logs","path":"/var/log/containers/kube-proxy-*.log"},"kube-scheduler":{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Scheduler Logs","path":"/var/log/containers/kube-scheduler-*.log"},"proxymux":{"ociLALogSourceName":"OKE Proxymux Client Logs","path":"/var/log/containers/proxymux-client-*.log"},"tcpconnect":{"ociLALogSourceName":"Kubernetes TCP Connect Logs","path":"/var/log/containers/*-logan-tcpconnect*.log"}}` | To set timezone override for all kubernetesSystem logs (applies only to log records without explicit timezone identifier in the record itself) timezone: | | fluentd.kubernetesSystem.logs.cluster-autoscaler | object | `{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Autoscaler Logs","path":"/var/log/containers/cluster-autoscaler-*.log"}` | Kubernetes Autoscaler Logs collection configuration | | fluentd.kubernetesSystem.logs.coredns | object | `{"multilineStartRegExp":"/^\\[[^\\]]+\\]\\s+/","ociLALogSourceName":"Kubernetes Core DNS Logs","path":"/var/log/containers/coredns-*.log"}` | Kubernetes Core DNS Logs collection configuration | -| fluentd.kubernetesSystem.logs.csinode | object | `{"ociLALogSourceName":"Kubernetes CSI Node Driver Logs","path":"/var/log/containers/csi-oci-node-*.log"}` | Kubernetes CSI Node Driver Logs collection configuration | +| fluentd.kubernetesSystem.logs.csi-controller | object | `{"ociLALogSourceName":"Kubernetes CSI Controller Logs","path":"/var/log/containers/ebs-csi-controller-*.log"}` | Kubernetes CSI Controller Logs collection configuration | +| fluentd.kubernetesSystem.logs.csinode | object | `{"ociLALogSourceName":"Kubernetes CSI Node Driver Logs","path":"/var/log/containers/csi-oci-node-*.log,/var/log/containers/ebs-csi-node-*.log"}` | Kubernetes CSI Node Driver Logs collection configuration | | fluentd.kubernetesSystem.logs.kube-dns-autoscaler | object | 
`{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes DNS Autoscaler Logs","path":"/var/log/containers/kube-dns-autoscaler-*.log"}` | Kubernetes DNS Autoscaler Logs collection configuration | | fluentd.kubernetesSystem.logs.kube-flannel | object | `{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Flannel Logs","path":"/var/log/containers/kube-flannel-*.log"}` | Kube Flannel logs collection configuration | | fluentd.kubernetesSystem.logs.kube-proxy | object | `{"multilineStartRegExp":"/^\\S\\d{2}\\d{2}\\s+[^\\:]+:[^\\:]+:[^\\.]+\\.\\d{0,3}/","ociLALogSourceName":"Kubernetes Proxy Logs","path":"/var/log/containers/kube-proxy-*.log"}` | Kube Proxy logs collection configuration | | fluentd.kubernetesSystem.logs.proxymux | object | `{"ociLALogSourceName":"OKE Proxymux Client Logs","path":"/var/log/containers/proxymux-client-*.log"}` | Proxymux Client Logs collection configuration | +| fluentd.linuxSystem.logs | object | `{"cronlog":{"multilineStartRegExp":"/^(?:(?:\\d+\\s+)?<([^>]*)>(?:\\d+\\s+)?)?\\S+\\s+\\d{1,2}\\s+\\d{1,2}:\\d{1,2}:\\d{1,2}\\s+/","ociLALogSourceName":"Linux Cron Logs","path":"/var/log/cron*"},"kubeletlog":{"ociLALogSourceName":"Kubernetes Kubelet Logs"},"linuxauditlog":{"ociLALogSourceName":"Linux Audit Logs","path":"/var/log/audit/audit*"},"maillog":{"multilineStartRegExp":"/^(?:(?:\\d+\\s+)?<([^>]*)>(?:\\d+\\s+)?)?\\S+\\s+\\d{1,2}\\s+\\d{1,2}:\\d{1,2}:\\d{1,2}\\s+/","ociLALogSourceName":"Linux Mail Delivery Logs","path":"/var/log/maillog*"},"securelog":{"multilineStartRegExp":"/^(?:(?:\\d+\\s+)?<([^>]*)>(?:\\d+\\s+)?)?\\S+\\s+\\d{1,2}\\s+\\d{1,2}:\\d{1,2}:\\d{1,2}\\s+/","ociLALogSourceName":"Linux Secure Logs","path":"/var/log/secure*"},"syslog":{"multilineStartRegExp":"/^(?:(?:\\d+\\s+)?<([^>]*)>(?:\\d+\\s+)?)?\\S+\\s+\\d{1,2}\\s+\\d{1,2}:\\d{1,2}:\\d{1,2}\\s+/","ociLALogSourceName":"Linux Syslog 
Logs","path":"/var/log/messages*"},"uptracklog":{"multilineStartRegExp":"/^\\d{4}-\\d{2}-\\d{2}\\s+\\d{2}:\\d{2}:\\d{2}/","ociLALogSourceName":"Ksplice Logs","path":"/var/log/uptrack*"},"yum":{"ociLALogSourceName":"Linux YUM Logs","path":"/var/log/yum.log*"}}` | To set timezone override for all linuxSystem logs (applies only to log records without explicit timezone identifier in the record itself) timezone: | | fluentd.linuxSystem.logs.cronlog | object | `{"multilineStartRegExp":"/^(?:(?:\\d+\\s+)?<([^>]*)>(?:\\d+\\s+)?)?\\S+\\s+\\d{1,2}\\s+\\d{1,2}:\\d{1,2}:\\d{1,2}\\s+/","ociLALogSourceName":"Linux Cron Logs","path":"/var/log/cron*"}` | Linux CRON logs collection configuration | | fluentd.linuxSystem.logs.kubeletlog | object | `{"ociLALogSourceName":"Kubernetes Kubelet Logs"}` | kubelet logs collection configuration | | fluentd.linuxSystem.logs.linuxauditlog | object | `{"ociLALogSourceName":"Linux Audit Logs","path":"/var/log/audit/audit*"}` | Linux audit logs collection configuration | 
@@ -49,19 +60,48 @@ Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Object | fluentd.linuxSystem.logs.syslog | object | `{"multilineStartRegExp":"/^(?:(?:\\d+\\s+)?<([^>]*)>(?:\\d+\\s+)?)?\\S+\\s+\\d{1,2}\\s+\\d{1,2}:\\d{1,2}:\\d{1,2}\\s+/","ociLALogSourceName":"Linux Syslog Logs","path":"/var/log/messages*"}` | Linux syslog collection configuration | | fluentd.linuxSystem.logs.uptracklog | object | `{"multilineStartRegExp":"/^\\d{4}-\\d{2}-\\d{2}\\s+\\d{2}:\\d{2}:\\d{2}/","ociLALogSourceName":"Ksplice Logs","path":"/var/log/uptrack*"}` | Linux uptrack logs collection configuration | | fluentd.linuxSystem.logs.yum | object | `{"ociLALogSourceName":"Linux YUM Logs","path":"/var/log/yum.log*"}` | Linux yum logs collection configuration | +| fluentd.multiProcessWorkers | int | `0` | Set corresponding workerId using worker field against each source/log. When enabled MultiProcessWorkers, the default worker would be 0 until unless set for each source/log. | | fluentd.ociLoggingAnalyticsOutputPlugin.buffer | object | `{"disable_chunk_backup":true,"flush_interval":30,"flush_thread_burst_interval":0.05,"flush_thread_count":1,"flush_thread_interval":0.5,"retry_exponential_backoff_base":2,"retry_forever":true,"retry_max_times":17,"retry_wait":2,"total_limit_size":"5368709120"}` | Fluentd Buffer Configuration | | fluentd.ociLoggingAnalyticsOutputPlugin.plugin_log_file_count | int | `10` | The number of archived or rotated log files to keep, must be non-zero. | | fluentd.ociLoggingAnalyticsOutputPlugin.plugin_log_file_size | string | `"10MB"` | The maximum log file size at which point the log file to be rotated, for example, 1KB, 1MB, etc. 
| | fluentd.ociLoggingAnalyticsOutputPlugin.plugin_log_level | string | `"info"` | Output plugin logging level: DEBUG < INFO < WARN < ERROR < FATAL < UNKNOWN | | fluentd.ociLoggingAnalyticsOutputPlugin.profile_name | string | `"DEFAULT"` | OCI API Key profile to use, if multiple profiles are found in the OCI API config file. | | fluentd.path | string | `"/var/opt/conf"` | Path to the fluentd config file | +| fluentd.rewriteTagPlugin.hostname_command | string | `"cat /etc/hostname"` | | | fluentd.tailPlugin | object | `{"flushInterval":60,"readFromHead":true}` | Config for Logs Collection using fluentd tail plugin | +| fluentd.timezone | string | `nil` | To set timezone override for all logs collected using this solution (applies only to log records without explicit timezone identifier in the record itself) | | global.namespace | string | `"oci-onm"` | Kubernetes Namespace for creating monitoring resources. Ignored if oci-kubernetes-monitoring-common.createNamespace set to false. | | global.resourceNamePrefix | string | `"oci-onm"` | Resource names prefix used, where allowed. | | image.imagePullPolicy | string | `"Always"` | Image pull policy | | image.imagePullSecrets | string | `nil` | | -| image.url | string | `"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.1.0"` | Replace this value with actual docker image url | -| kubernetesClusterID | string | `nil` | OKE Cluster OCID e.g. 
ocid1.cluster.oc1.phx.aaaaaaaahhbadf3rxa62faaeixanvr7vftmkg6hupycbf4qszctf2wbmqqxq | +| image.url | string | `"container-registry.oracle.com/oci_observability_management/oci-la-fluentd-collector:1.7.2"` | Replace this value with actual docker image url | +| k8sDiscovery.infra.enable_service_log | bool | `true` | | +| k8sDiscovery.infra.oci_tags_base64 | string | `nil` | | +| k8sDiscovery.infra.probe_all_compartments | bool | `false` | | +| k8sDiscovery.infra.rms_template_base64_encoded | string | `""` | | +| k8sDiscovery.infra.stack_operation_timeout | int | `300` | | +| k8sDiscovery.infra.tenancy_ocid | string | `nil` | | +| k8sDiscovery.kubeClientOptions.bearer_token_file | string | `nil` | | +| k8sDiscovery.kubeClientOptions.ca_file | string | `nil` | | +| k8sDiscovery.kubeClientOptions.client_cert | string | `nil` | | +| k8sDiscovery.kubeClientOptions.client_key | string | `nil` | | +| k8sDiscovery.kubeClientOptions.kubernetes_url | string | `nil` | | +| k8sDiscovery.kubeClientOptions.secret_dir | string | `nil` | | +| k8sDiscovery.kubeClientOptions.verify_ssl | bool | `false` | | +| k8sDiscovery.objects.backoffLimit | int | `0` | | +| k8sDiscovery.objects.chunk_limit | string | `nil` | | +| k8sDiscovery.objects.collect_warning_events_only | bool | `false` | | +| k8sDiscovery.objects.cronSchedule | string | `"*/5 * * * *"` | | +| k8sDiscovery.objects.discoveryMode | string | `"object"` | | +| k8sDiscovery.objects.enable_threading | bool | `false` | | +| k8sDiscovery.objects.failedJobsHistoryLimit | int | `3` | | +| k8sDiscovery.objects.log_format | string | `"text"` | | +| k8sDiscovery.objects.log_level | string | `"info"` | | +| k8sDiscovery.objects.ociLALogGroupID | string | `nil` | | +| k8sDiscovery.objects.restartPolicy | string | `"Never"` | | +| k8sDiscovery.objects.successfulJobsHistoryLimit | int | `3` | | +| k8sDiscovery.objects.thread_count | string | `nil` | | +| kubernetesClusterID | string | `nil` | OKE Cluster OCID/EKS Cluster ARN etc. e.g. 
ocid1.cluster.oc1.phx.aaaaaaaahhbadf3rxa62faaeixanvr7vftmkg6hupycbf4qszctf2wbmqqxq | | kubernetesClusterName | string | `nil` | Kubernetes Cluster name. Need not be the OKE Cluster display name. e.g. production-cluster | | namespace | string | `"{{ .Values.global.namespace }}"` | Kubernetes Namespace for deploying monitoring resources deployed by this chart. | | objectsPollingFrequency | string | `"5m"` | Collection frequency (in minutes) for Kubernetes Objects | 
@@ -74,16 +114,25 @@ Charts for sending Kubernetes platform logs, compute logs, and Kubernetes Object | oci.configFiles.config | string | `"# Replace each of the below fields with actual values.\n[DEFAULT]\nuser=\nfingerprint=\nkey_file=\ntenancy=\nregion="` | config file [data](https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm) Replace each of the below fields with actual values. [DEFAULT] user= fingerprint= key_file= tenancy= region= | | oci.file | string | `"config"` | Config file name | | oci.path | string | `"/var/opt/.oci"` | Path to the OCI API config file | +| ociDomain | string | `nil` | | +| ociLAClusterEntityID | string | `nil` | Kubernetes Cluster Entity OCID. e.g. ocid1.loganalyticsentity.oc1.phx.amaaaaaabulluiqabqeq4delvhdlmd7aqcjrdla57n2szsxyz7pfdvnhwuua | | ociLALogGroupID | string | `nil` | OCID of Log Analytics Log Group to send logs to. Can be overridden for individual log types. e.g. ocid1.loganalyticsloggroup.oc1.phx.amaaaaasdfaskriauucc55rlwlxe4ahe2vfmtuoqa6qsgu7mb6jugxacsk6a | | ociLANamespace | string | `nil` | | -| resourceNamePrefix | string | `"{{ .Values.global.resourceNamePrefix }}"` | Resoure Name Prefix: Wherever allowed, this prefix will be used with all resources used by this chart | +| privileged | bool | `false` | Kubernetes Security Context privileged flag Default: 'false'. This is not a required for OKE clusters. In Kubernetes environments where SELinux mode is enforced, set this flag to 'true' to allow fluentd pods to access log files. 
| +| resourceNamePrefix | string | `"{{ .Values.global.resourceNamePrefix }}"` | Resource Name Prefix: Wherever allowed, this prefix will be used with all resources used by this chart | +| resourceOverrides.fluentdDaemonset.limits | object | `{"memory":"500Mi"}` | Limits | +| resourceOverrides.fluentdDaemonset.requests | object | `{"cpu":"100m","memory":"250Mi"}` | Resource requests | +| resourceOverrides.fluentdDeployment.limits | object | `{"memory":"500Mi"}` | Limits | +| resourceOverrides.fluentdDeployment.requests | object | `{"cpu":"100m","memory":"250Mi"}` | Resource requests | +| resourceOverrides.tcpconnectDaemonset.requests | object | `{"cpu":"10m","memory":"50Mi"}` | Resource requests | | resources.limits | object | `{"memory":"500Mi"}` | Limits | | resources.requests | object | `{"cpu":"100m","memory":"250Mi"}` | Resource requests | | runtime | string | `"cri"` | Container runtime for Kubernetes Cluster. Requires fluentd configuration changes accordingly Allowed values: docker, cri(for OKE 1.20 and above) | | serviceAccount | string | `"{{ .Values.global.resourceNamePrefix }}"` | Kubernetes ServiceAccount | +| tolerations | list | `[]` | Custom tolerations to apply to all pods in the chart. 
Default: [] (no additional tolerations) Example: tolerations: - key: "example-taint" operator: "Exists" effect: "NoSchedule" | | volumes | object | `{"containerdataHostPath":"/u01/data/docker/containers","podsHostPath":"/var/log/pods"}` | Log logvolumes for pod logs and container logs | | volumes.containerdataHostPath | string | `"/u01/data/docker/containers"` | Path to the container data logs on Kubernetes Nodes | | volumes.podsHostPath | string | `"/var/log/pods"` | Path to the pod logs on Kubernetes Nodes | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/logan/templates/discovery-cronjob.yaml b/charts/logan/templates/discovery-cronjob.yaml index e5290f3..527e6ab 100644 --- a/charts/logan/templates/discovery-cronjob.yaml +++ b/charts/logan/templates/discovery-cronjob.yaml @@ -25,6 +25,10 @@ spec: spec: restartPolicy: {{ .Values.k8sDiscovery.objects.restartPolicy }} serviceAccountName: {{ $serviceAccount }} + {{- if .Values.tolerations }} + tolerations: + {{- toYaml .Values.tolerations | nindent 10 }} + {{- end }} {{- if .Values.image.imagePullSecrets }} imagePullSecrets: - name: {{ .Values.image.imagePullSecrets }} @@ -176,4 +180,4 @@ spec: sources: - secret: name: {{ $resourceNamePrefix }}-oci-config - {{- end }} \ No newline at end of file + {{- end }} diff --git a/charts/logan/templates/fluentd-daemonset.yaml b/charts/logan/templates/fluentd-daemonset.yaml index 558da02..50b3ed4 100644 --- a/charts/logan/templates/fluentd-daemonset.yaml +++ b/charts/logan/templates/fluentd-daemonset.yaml 
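Review bot: The discovery CronJob now takes the same `.Values.tolerations` list as the node-level DaemonSets, so a toleration added to get log collectors onto tainted nodes also lets this job be scheduled there. The job runs under `serviceAccountName: {{ $serviceAccount }}` and, judging by the second hunk's context, can mount the `{{ $resourceNamePrefix }}-oci-config` secret. Nodes tainted for isolation are usually where a credential-bearing pod is least wanted. Consider a job-specific override that falls back to the shared list, e.g. `{{- with (.Values.k8sDiscovery.objects.tolerations | default .Values.tolerations) }}`; that key name is a suggestion, not an existing value. The pod spec starts and ends outside the hunk, so the indentation that `nindent 10` must match cannot be checked from here.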
@@ -35,6 +35,9 @@ spec: effect: NoSchedule - key: node-role.kubernetes.io/control-plane effect: NoSchedule + {{- if .Values.tolerations }} + {{- toYaml .Values.tolerations | nindent 6 }} + {{- end }} {{- if $imagePullSecrets }} imagePullSecrets: - name: {{ .Values.image.imagePullSecrets }} diff --git a/charts/logan/templates/tcpconnect-daemonset.yaml b/charts/logan/templates/tcpconnect-daemonset.yaml index f034deb..12c58c0 100644 --- a/charts/logan/templates/tcpconnect-daemonset.yaml +++ b/charts/logan/templates/tcpconnect-daemonset.yaml @@ -31,6 +31,9 @@ spec: effect: NoSchedule - key: node-role.kubernetes.io/control-plane effect: NoSchedule + {{- if .Values.tolerations }} + {{- toYaml .Values.tolerations | nindent 6 }} + {{- end }} {{- if $imagePullSecrets }} imagePullSecrets: - name: {{ .Values.image.imagePullSecrets }} @@ -72,4 +75,4 @@ spec: schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/logan/values.schema.json b/charts/logan/values.schema.json index ac7b053..faa17b2 100644 --- a/charts/logan/values.schema.json +++ b/charts/logan/values.schema.json @@ -68,6 +68,33 @@ }, "ociLAClusterEntityID": { "type": "string" + }, + "tolerations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string", + "enum": ["Equal", "Exists"] + }, + "value": { + "type": "string" + }, + "effect": { + "type": "string", + "enum": ["NoSchedule", "PreferNoSchedule", "NoExecute"] + }, + "tolerationSeconds": { + "type": "integer" + } + }, + "additionalProperties": false + }, + "default": [] } } } diff --git a/charts/logan/values.yaml b/charts/logan/values.yaml index 8dd21ef..34a045b 100644 --- a/charts/logan/values.yaml +++ b/charts/logan/values.yaml 
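Review bot: User-supplied tolerations are appended to the built-in control-plane ones without any constraint, here and in the identical hunk for tcpconnect-daemonset.yaml. Both DaemonSets are node-level collectors, and the chart README describes fluentd reading host log paths and an optional `privileged` flag. A single key-less entry with `operator: Exists` tolerates every taint, `NoExecute` included, which puts these pods on nodes tainted for isolation or eviction. I would document that at the insertion point, for example `{{- /* extra tolerations widen where this host-log collector may run; prefer key-scoped entries */}}`. The `tolerations:` list itself starts above the hunk.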
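Review bot: The item schema accepts entries that the API server rejects at apply time, because nothing ties the fields together: `{}` passes, `value` is accepted alongside `operator: Exists`, and `tolerationSeconds` is accepted with any `effect` although Kubernetes only allows it with `NoExecute`. It also leaves `key` optional, so the tolerate-every-taint form validates silently. If the wildcard form is not meant to be supported, add `"required": ["key"]` and `"minLength": 1` on `key`; otherwise a `description` on the property stating that an empty key matches all taints would make the choice explicit. The enclosing `properties` object starts outside the hunk.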
@@ -139,6 +139,15 @@ resourceOverrides: cpu: 100m memory: 250Mi +# -- Custom tolerations to apply to all pods in the chart. +# Default: [] (no additional tolerations) +# Example: +# tolerations: +# - key: "example-taint" +# operator: "Exists" +# effect: "NoSchedule" +tolerations: [] + # -- @param extraVolumes Extra volumes. # Example: # - name: tmpDir diff --git a/charts/mgmt-agent/README.md b/charts/mgmt-agent/README.md index 5871a09..375b63b 100644 --- a/charts/mgmt-agent/README.md +++ b/charts/mgmt-agent/README.md @@ -1,6 +1,6 @@ # oci-onm-mgmt-agent -![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) +![Version: 3.0.5](https://img.shields.io/badge/Version-3.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.16.0](https://img.shields.io/badge/AppVersion-1.16.0-informational?style=flat-square) A Helm chart for collecting Kubernetes Metrics using OCI Management Agent into OCI Monitoring. 
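Review bot: The comment says the list applies to "all pods in the chart", but the diffstat shows only discovery-cronjob.yaml, fluentd-daemonset.yaml and tcpconnect-daemonset.yaml being changed for logan. The README also lists `resourceOverrides.fluentdDeployment`, which suggests a Deployment that would not receive these tolerations. Either wire that template too or narrow the wording, e.g. `# -- Custom tolerations added to the discovery CronJob and the fluentd/tcpconnect DaemonSets.` The commit subject also calls these global, yet the key is a per-chart top-level `tolerations`, not under `global:`, so an umbrella install has to set it once per subchart; say so in the comment if that is intended.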
@@ -8,29 +8,43 @@ A Helm chart for collecting Kubernetes Metrics using OCI Management Agent into O | Repository | Name | Version | |------------|------|---------| -| file://../common | oci-onm-common | 3.0.0 | +| file://../common | oci-onm-common | 3.1.0 | ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | deployMetricServer | bool | `true` | By default, metric server will be deployed and used by Management Agent to collect metrics. You can set this to false if you already have metric server installed on your cluster | +| deployment.cleanupEpochTime | string | `nil` | | +| deployment.daemonSet.hostPath | string | `nil` | | +| deployment.daemonSet.overrideOwnership | bool | `true` | | +| deployment.daemonSetDeployment | bool | `false` | | +| deployment.resource.limit.cpuCore | string | `"500m"` | | +| deployment.resource.limit.memory | string | `"1Gi"` | | +| deployment.resource.request.cpuCore | string | `"200m"` | | +| deployment.resource.request.memory | string | `"500Mi"` | | +| deployment.resource.request.storage | string | `"2Gi"` | | +| deployment.security.fsGroup | int | `2000` | | +| deployment.security.runAsGroup | int | `2000` | | +| deployment.security.runAsUser | int | `1000` | | +| deployment.storageClass | string | `nil` | | | global.namespace | string | `"oci-onm"` | Kubernetes Namespace in which the resources to be created. Set oci-kubernetes-monitoring-common:createNamespace set to true, if the namespace doesn't exist. | | global.resourceNamePrefix | string | `"oci-onm"` | Prefix to be attached to resources created through this chart. Not all resources may have this prefix. | | kubernetesCluster.compartmentId | string | `nil` | OCI Compartment Id to push Kubernetes Monitoring metrics. 
If not specified default is same as Agent compartment | +| kubernetesCluster.enableAutomaticPrometheusDetection | bool | `false` | | +| kubernetesCluster.monitoringNamespace | string | `nil` | OCI namespace to push Kubernetes Monitoring metrics. The namespace should match the pattern '^[a-z][a-z0-9_]*[a-z0-9]$'. By default metrics will be pushed to 'mgmtagent_kubernetes_metrics' | | kubernetesCluster.name | string | `nil` | Kubernetes cluster name | | kubernetesCluster.namespace | string | `"*"` | Kubernetes cluster namespace(s) to monitor. This can be a comma-separated list of namespaces or '*' to monitor all the namespaces | -| kubernetesCluster.monitoringNamespace | string | `nil` | OCI namespace to push Kubernetes Monitoring metrics. The namespace should match the pattern '^[a-z][a-z0-9_]*[a-z0-9]$'. By default metrics will be pushed to 'mgmtagent_kubernetes_metrics' | -| kubernetesCluster.overrideAllowMetricsAPIServer | string | `nil` | Provide the specific list of comma separated metric names for agent computed metrics to be collected. 
| -| kubernetesCluster.overrideAllowMetricsCluster | string | `nil` | Provide the specific list of comma separated metric names for agent computed metrics to be collected | -| kubernetesCluster.overrideAllowMetricsKubelet | string | `nil` | Provide the specific list of comma separated metric names for Kubelet (/api/v1/nodes//proxy/metrics) metrics to be collected | -| kubernetesCluster.overrideAllowMetricsNode | string | `nil` | Provide the specific list of comma separated metric names for Node (/api/v1/nodes//proxy/metrics/resource, /api/v1/nodes//proxy/metrics/cadvisor) metrics to be collected | -| kubernetesCluster.enableAutomaticPrometheusDetection | bool | `false` | Setting this to true will enable automatic PrometheusEmitter metrics collection from eligible pods | +| kubernetesCluster.overrideAllowMetricsAPIServer | string | `nil` | Provide the specific list of comma separated metric names for API server (/metrics) metrics to be collected. | +| kubernetesCluster.overrideAllowMetricsCluster | string | `nil` | Provide the specific list of comma separated metric names for agent computed metrics to be collected. | +| kubernetesCluster.overrideAllowMetricsKubelet | string | `nil` | Provide the specific list of comma separated metric names for Kubelet (/api/v1/nodes//proxy/metrics) metrics to be collected. | +| kubernetesCluster.overrideAllowMetricsNode | string | `nil` | Provide the specific list of comma separated metric names for Node (/api/v1/nodes//proxy/metrics/resource, /api/v1/nodes//proxy/metrics/cadvisor) metrics to be collected. 
| +| mgmtagent.extraEnv[0].name | string | `"DISABLE_JRE_DEFAULT_SECURITY_PROPERTIES_FILE"` | | +| mgmtagent.extraEnv[0].value | string | `"false"` | | | mgmtagent.image.secret | string | `nil` | Image secrets to use for pulling container image (base64 encoded content of ~/.docker/config.json file) | | mgmtagent.image.url | string | `nil` | Replace this value with actual docker image URL for Management Agent | | mgmtagent.installKey | string | `"resources/input.rsp"` | Copy the downloaded Management Agent Install Key file under root helm directory as resources/input.rsp | -| mgmtagent.installKeyFileContent | string | `nil` | Provide the base64 encoded content of the Management Agent Install Key file (e.g. `cat input.rsp \| base64 -w 0`) | -| mgmtagent.extraEnv | string | `nil` | Please specify additional environment variables in name:value pairs | +| mgmtagent.installKeyFileContent | string | `nil` | Provide the base64 encoded content of the Management Agent Install Key file (e.g. cat input.rsp | base64 -w 0) | | namespace | string | `"{{ .Values.global.namespace }}"` | Kubernetes namespace to create and install this helm chart in | | oci-onm-common.createNamespace | bool | `true` | If createNamespace is set to true, it tries to create the namespace defined in 'namespace' variable. | | oci-onm-common.createServiceAccount | bool | `true` | By default, a cluster role, cluster role binding and serviceaccount will be created for the monitoring pods to be able to (readonly) access various objects within the cluster, to support collection of various telemetry data. You may set this to false and provide your own serviceaccount (in the parent chart(s)) which has the necessary cluster role(s) binded to it. Refer, README for the cluster role definition and other details. | 
@@ -38,19 +52,7 @@ A Helm chart for collecting Kubernetes Metrics using OCI Management Agent into O | oci-onm-common.resourceNamePrefix | string | `"{{ .Values.global.resourceNamePrefix }}"` | Prefix to be attached to resources created through this chart. Not all resources may have this prefix. | | oci-onm-common.serviceAccount | string | `"{{ .Values.global.resourceNamePrefix }}"` | Name of the Kubernetes ServiceAccount | | serviceAccount | string | `"{{ .Values.global.resourceNamePrefix }}"` | Name of the Kubernetes ServiceAccount | -| deployment.security.runAsUser | integer | `1000` | Processes in the Container will use the specified user ID | -| deployment.security.runAsGroup | integer | `2000` | Processes in the Container will use the specified group ID | -| deployment.security.fsGroup | integer | `2000` | Files created in the Container will use the specified group ID | -| deployment.cleanupEpochTime | integer | `nil` | Please provide the current epoch time in seconds (Eg: Executing the following command in a bash shell will provide the epoch time: "date +%s") to clean up the agent installation directory from previous deployment | -| deployment.daemonSetDeployment | bool | `false` | Setting the daemonset deployment to true, will deploy the Management Agents as a daemonset in addition to deploying the Management Agent as a statefulset. This is done to to distribute the node metrics collection to agents running on the node | -| deployment.daemonSet.hostPath | string | `nil` | The host path to store data, if Agent is deployed as DaemonSet. Management Agent Pod should have read-write access to it | -| deployment.daemonSet.overrideOwnership | bool | `true` | Override the ownership and permissions on the hostPath. The hostPath will be owned by the runAsUser and runAsGroup provided under security context and the permission as 750.
Note: This requires oraclelinux:8-slim image

Setting overrideOwnership to false will disable the ownership change. | -| deployment.resource.request.cpuCore | string | `200m` | Minimum CPU cores(millicore) for each agent instance | -| deployment.resource.request.memory | string | `500Mi` | Minimum memory(mebibytes) for each agent instance | -| deployment.resource.request.storage | string | `2Gi` | Minimum storage(gibibyte) for StatefulSet's PVC | -| deployment.resource.limit.cpuCore | string | `500m` | Maximum CPU cores(millicore) for each agent instance | -| deployment.resource.limit.memory | string | `1Gi` | Maximum memory(gibibyte) for each agent instance | -| deployment.storageClass | string | `nil` | The storage class for StatefulSet's PVC. If not provided then the Cluster's default storage class will be used | +| tolerations | list | `[]` | Custom tolerations to apply to all pods in the chart. Default: [] (no additional tolerations) Example: tolerations: - key: "example-taint" operator: "Exists" effect: "NoSchedule" | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/mgmt-agent/templates/mgmt-agent-daemonset.yaml b/charts/mgmt-agent/templates/mgmt-agent-daemonset.yaml index b0f6b79..52071d3 100644 --- a/charts/mgmt-agent/templates/mgmt-agent-daemonset.yaml +++ b/charts/mgmt-agent/templates/mgmt-agent-daemonset.yaml 
@@ -27,6 +27,10 @@ spec: runAsGroup: {{ default 0 .Values.deployment.security.runAsGroup }} fsGroup: {{ default 0 .Values.deployment.security.fsGroup }} serviceAccountName: {{ include "mgmt-agent.serviceAccount" . }} + {{- if .Values.tolerations }} + tolerations: + {{- toYaml .Values.tolerations | nindent 8 }} + {{- end }} {{- if .Values.mgmtagent.image.secret }} imagePullSecrets: - name: {{ include "mgmt-agent.resourceNamePrefix" . }}-mgmt-agent-container-registry-key diff --git a/charts/mgmt-agent/values.schema.json b/charts/mgmt-agent/values.schema.json index bec0244..4039c73 100644 --- a/charts/mgmt-agent/values.schema.json +++ b/charts/mgmt-agent/values.schema.json @@ -263,6 +263,35 @@ [ "namespace" ], + "properties": { + "tolerations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string", + "enum": ["Equal", "Exists"] + }, + "value": { + "type": "string" + }, + "effect": { + "type": "string", + "enum": ["NoSchedule", "PreferNoSchedule", "NoExecute"] + }, + "tolerationSeconds": { + "type": "integer" + } + }, + "additionalProperties": false + }, + "default": [] + } + }, "title": "Values", "type": "object" -} \ No newline at end of file +} diff --git a/charts/mgmt-agent/values.yaml b/charts/mgmt-agent/values.yaml index 3975f31..b5a7204 100644 --- a/charts/mgmt-agent/values.yaml +++ b/charts/mgmt-agent/values.yaml @@ -115,3 +115,12 @@ deployment: # Provide the storage class for StatefulSet's PVC. If not provided then the Cluster's default storage class will be used. storageClass: + +# -- Custom tolerations to apply to all pods in the chart. +# Default: [] (no additional tolerations) +# Example: +# tolerations: +# - key: "example-taint" +# operator: "Exists" +# effect: "NoSchedule" +tolerations: []
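Review bot: Only the DaemonSet template receives the new value, while the values.yaml comment added later in this commit says the tolerations apply "to all pods in the chart". The diffstat lists no other mgmt-agent template, and the chart README describes the DaemonSet as deployed in addition to a StatefulSet, so the StatefulSet pod presumably gets no tolerations. Either add the same guarded block to the StatefulSet template or narrow the comment to `# -- Custom tolerations applied to the Management Agent DaemonSet pods.` The pod spec this hunk edits starts and ends outside the hunk.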
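Review bot: The new `"properties"` member is added after the `required` list and next to `"title": "Values"`, which looks like the root object; if that object already has a `properties` member earlier in the file (outside this hunk), this creates a duplicate key. JSON parsers commonly keep only the last duplicate, which would leave `tolerations` as the only validated value and silently drop the schema for every other key. The logan schema in this commit adds `tolerations` inside the existing `properties` object instead, and doing the same here avoids the problem. It is worth confirming by running `helm lint` with a deliberately wrong type for another value.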